Application No. 09/426,442 



Docket No.: 99-703 



REMARKS 

Claims 1, 18-23, 25-33 and 35-37 are pending. Claims 1, 27 and 37 are independent claims, 
and are amended herein. Support for the foregoing amendments to the claims may be found in the 
Specification at least at page 23, lines 3-4. 

The Board of Patent Appeals and Interferences affirmed, in its Decision on Appeal dated 
February 1, 2012 ("Board Decision"), rejections from the Final Office Action dated April 14, 2010, 
as follows: 

1. Claims 1,19, 20, 24, 25-27, 29, 30, 34, 35 and 36 were rejected under 
35 U.S.C. § 103(a) as allegedly being unpatentable over U.S. Patent No. 6,367,009 
("Davis") in view of U.S. Patent No. 6,178,505 ("Schneider") in view of U.S. Patent 
No. 6,023,765 ("Kuhn"). 

2. Claims 21, 22, 31, 32 and 37 were rejected under 35 U.S.C. § 103(a) 
as allegedly being unpatentable over Davis in view of Schneider and Kuhn and 
further in view of U.S. Patent Application No. 2001/0020242 ("Gupta"). 

3. Claims 18, 23, 28 and 33 were rejected under 35 U.S.C. § 103(a) as 
allegedly being unpatentable over Davis in view of Schneider and Kuhn and further 
in view of U.S. Patent No. 6,240,091 ("Ginzboorg"). 

Claim 1 as amended recites "an access policy specifying at least one portion of a computer 
site to which the corresponding user is permitted access, the computer site being divided into 
isolated subnets, each at least one portion included in one of the subnets," and "an access control 
system, in computer hardware coupled to the directory, for controlling access to the computer site 
by permitting the user to access one or more of the subnets including one of said each at least one 
portion of the computer site." Applicants respectfully submit that claim 1 is allowable over the 
cited references because none of them teach or suggest at least "the computer site being divided into 
isolated subnets," or that "the access policy is used to provide tiered access to one or more of the 
subnets." 

Davis discloses at most "delegating authority and authentication from a client to a [middle 
tier] server in order that the server can establish a secure connection ... to a back-and application 
on behalf of the client." (Davis, Abstract.) Davis' middle tier server is simply used to identify a 
user, and to establish a secure connection with an end tier server. (Davis, column 9, lines 34-49.) 
Thus, Davis is concerned with establishing a secure connection, and various mechanisms for 
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authenticating users, but does include any teaching or suggestion related to "isolated subnets," much 
less to a portion of a computer site "included in one of the subnets," or providing "controlling 
access to the computer site by permitting the user to access one or more of the subnets including one 
of said each at least one portion of the computer site." 

Schneider discloses at most an access policy under which different categories of users may 
be allowed to access different categories of information. (Schneider, column 10, lines 12-13.) 
However, Schneider's different categories of information are not stored in "isolated subnets," nor 
does Schneider include any teaching or suggestion related to "isolated subnets." Instead, Schneider 
discloses a database that "permits hierarchical definition of both user groups and information sets." 
(Schneider, column 12, lines 21-22.) Access policies are apphed to information in the database to 
determine information that a user may access. (Schneider, column 12, lines 54-62.) At least 
because information filtered from a database is not included in an "isolated subnets," Schneider 
cannot teach or suggest a computer site "included in one of the subnets," or providing "controlling 
access to the computer site by permitting the user to access one or more of the subnets including one 
of said each at least one portion of the computer site." 

Kuhn discloses using role-based access control to access a multi-level secure system. 
(Kuhn, Abstract.) Kuhn does not provide substantial detail concerning the architecture of a multi- 
level secure system, and certainly includes no teaching or suggestion related to "isolated subnets." 
Certainly Kuhn does not teach or suggest a portion of a computer site "included in one of the 
subnets," or providing "controlling access to the computer site by permitting the user to access one 
or more of the subnets including one of said each at least one portion of the computer site." 

Gupta discloses no more than storing user profile information, which then may be sold, or 
used to provide advertising or customized displays. (Gupta, Abstract.) Gupta does not include any 
teaching or suggestion related to "isolated subnets," much less a portion of a computer site 
"included in one of the subnets," or providing "controlling access to the computer site by permitting 
the user to access one or more of the subnets including one of said each at least one portion of the 
computer site." 

Ginzboorg is simply directed to providing an access service for terminals to access a 
network. (Ginzboorg, Abstract.) Thus, Ginzboorg is concerned simply with authenticating users to 
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the network, maintaining data integrity, tracking user sessions, and maintaining privacy. 
(Ginzboorg, column 4, lines 3-8.) Ginzboorg is also focused on charging users for network 
services. (Ginzboorg, column 7, lines 16-34.) Ginzboorg does not include any teaching or 
suggestion related to different portions of his network, much less to "isolated subnets," a portion of 
a computer site "included in one of the subnets," or providing "controlling access to the computer 
site by permitting the user to access one or more of the subnets including one of said each at least 
one portion of the computer site." 

For least the foregoing reasons, claim 1, and all claims depending therefrom, are allowable 
over the cited references. Further, although the claims differ in scope, independent claims 27 and 
37, and the claims depending respectively therefrom, are likewise allowable over the cited 
references. 

Accordingly, all rejections have been addressed.^ In view of the above, the presently 
pending claims are believed to be in condition for allowance. Accordingly, reconsideration and 
allowance are respectfully requested and the Examiner is respectfully requested to pass this 
application to issue. 



' As Appellants' remarks with respect to the Examiner's rejections are sufficient to overcome these rejections, 
Appellants' silence as to assertions by the Examiner in the Office Action or certain requirements that may be applicable 
to such rejections (e.g., whether a reference constitutes prior art, motivation to combine references, assertions as to 
dependent claims, etc.) is not a concession by Appellants that such assertions are accurate or such requirements have 
been met, and Appellants reserve the right to analyze and dispute such assertions/requirements in the future. 
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It is believed that any fees associated with the filing of this paper are identified in an 
accompanying transmittal. However, if any additional fees are required, they may be charged to 
Deposit Account 18-0013, under order number 65632-0632. To the extent necessary, a petition 
for extension of time under 37 C.F.R. 1.136(a) is hereby made, the fee for which should be 
charged against the aforementioned account. 
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